<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Authentication_Model extends CI_Model {
	
	public function is_allowed($role, $privilege) {
		$query = "SELECT * FROM  smb_user_privileges WHERE role = ? and privilege = ?";
		$result = $this->db->query($query, array($role, $privilege));
		if ($result->num_rows() > 0) {
			return TRUE;
		} else {
			$this->session->set_flashdata('error', 'Terjadi kesalahan saat akses database.');
			return FALSE;
		}
	}
	
	public function login($username, $password) {
		$query = "SELECT * FROM smb_users WHERE username = ?";
		$result = $this->db->query($query, array($username));
		if ($result->num_rows() != 1) {
			return NULL;
		} else {
			$userinfo = $result->row();
			if ($password != $userinfo->password) {
				return NULL;
			} else {
				return $userinfo;
			}
		}
	}
}